Vulnerability CYBER Scanning Minimise overall threat exposure to known 4D’s Multi-layered vulnerabilities Cyber Protection 4D’s Vulnerability Scanning provides a detailed snapshot of your IT Maintain business continuity with 4D’s infrastructure, proactively identifying and classifying your exposure to Cyber Security solutions known vulnerabilities. Managed Firewalls Deployed as part of 4D’s integrated cyber security offerings, vulnerability Industry-leading perimeter scanning is a highly impactful step to minimise your security exposure – at a protection point in time – to help protect your business from attackers looking to exploit vulnerabilities across your digital assets. DDoS Protection Safeguard your network and data
Threat Monitoring Business Challenges Proactively minimise overall Scarce resources, limited time and an evolving threat landscape can make threat exposure it difficult for IT teams on the front lines to keep pace with the latest tools, tactics and techiques of cyber criminals. 4D’s Vulnerability Scanning Managed Backups service is a fast and easy way to proactively find and fix vulnerabilities. Last line defence against system failure
Vulnerability Scanning vs. Penetration Test – are they the same? A vulnerability scan and penetration testing are often confused, but in fact the two security procedures are quite different:
VULNERABILITY SCAN PENETRATION TEST
A Vulnerability Scan is a technical security assessment A Penetration Test (Pen Test) is a manual test and using a set of tools to scan your network for known attempts to exploit these vulnerabilities to determine vulnerabilities (e.g. open ports, unpatched security whether unauthorised access or other malicious activity updates, incomplete deployment of security technologies). is possible - an ethical hack.
Why scan for vulnerabilities? Why 4D? • Proactively defend against the constantly evolving and increasingly 4D Data Centres is an independently owned sophisticated threat landscape UK-based managed infrastructure provider with facilities in Gatwick, Surrey, Kent • The nature of today’s cloud, on-premise and hybrid network and London. Since 2007, we’ve delivered environments requires continuous monitoring to protect your colocation, cloud, cyber and connectivity organisation’s data and systems 24/7 services to hundreds of small and large-scale • Enhanced legal complexity and required regulatory compliance (For organisations. example, PCI DSS compliance, Cyber Essentials PLUS, Cisco CIS)
Cloud I Colo I Connect I Cyber 4d-dc.com I 020 7183 0603 Vulnerability Scanning Services
WHY NESSUS? 4D uses Tenable Nessus – the #1 in Accuracy - the industry’s lowest false positive rate with six- de facto industry standard for sigma accuracy Vulnerability Assessment - along with #1 in Coverage – more than 130,000 plugins, coverage for more than other tools for scanning and network 50,000 CVE and over 1000 new plugins released weekly within 24 hrs security auditing. of vulnerability disclosure #1 in Adoption – trusted by more than 27,000 organisations globally
Service Features
Malware Advanced Automated Risk-based Visibility into Detection Scanning Scheduling Reporting Missing Patches Uncover and mitigate Broad and deep Specify automation Risk scored reporting Don’t miss 3rd party malware attempting visibility into at a time that works with expert next security updates to attack your vulnerabilities with best for your business actions across multiple systems every assessment software platforms
What to expect? 4D’s Vulnerability Scanning follows a defined methodology to identify possible points of weakness, uncovering system and network flaws to help you implement a proactive threat-prevention strategy.
PREPARATION & SCOPE EXECUTION OF REPORT & RECOMMENDED VULNERABILITY SCAN/S NEXT ACTIONS Flexible service delivery Scans are comprehensively In-depth report, with risk will allow you to discuss, conducted to discover scored vulnerabilities and an define and agree the exposure areas across your overall risk score based on scope of the scanning network to determine, the volume and severity of requirements to meet assess and prioritise vulnerabilities found within specific infrastructure vulnerabilities based on your network, applications, requirements. exploitability. devices and IT assets.
Guide Pricing Our vulnerability scanning can scale to any size organisation, from small businesses to enterprise-level, specifically designed to fit your organisation’s requirements.
From £100/month for monthly scanning of 10 IP addesses
Cloud I Colo I Connect I Cyber 4d-dc.com I 020 7183 0603 Technical Specifications
Our intelligently-designed vulnerability scanning can be deployed for use on any system. It is compatible with Windows, Linux, Apple, and a wide range of other servers, so no matter what your system operates on, we can help keep it safe. Additionally, we can scan any part of your system, including your databases, network devices, firewalls, and web applications. No matter how your system is configured, or how many different elements there are, our vulnerability scanning will keep every aspect of it secure.
Types of scanning and reporting:
Audit Cloud Infrastructure Badlock Detection Audit the configuration of third-party cloud services: Local and remote checks for CVE-2016-2118 / CVE-2016-0128 • Amazon AWS • Microsoft Azure • Office 365 • Rackspace • Salesforce This type of scan may require pre-notification to the third party.
Bash Shellshock Detection Basic Network Scan Local and Remote checks for CVE-2014-6271 / CVE-2014-7169 A full system scan for any host
Patch Audit Drown Detection An audit that logs into a system to perform a full security Remote Checks for CVE-2016-0800 patch audit of OS and third party applications
Host Discovery Malware Scan A simple scan to discover open ports and live hosts on a Scan for malware on Windows or linux Systems (inc. Mac) network subnet
Policy Compliance Audit Shadow Brokers Scan Audit System Configurations against a known baseline Scan for vulnerabilities disclosed in the Shadow Brokers Leaks
Spectre & Meltdown Wannacry Ransomware Remote & Local checks for CVE-2017-5753 / CVE-2017-5715 / Remote and Local checks for MS17-010 / CVE-2017-0144 CVE-2017-5754
Web Application Tests Scan for published and unknown web application vulnerabilities
Take the next step 4D’s Cyber Security Solutions supports cloud transformation, infrastructure and data management with an integrated approach to strengthen your overall security posture. Discover why hundreds of organisations like yours trust us with their data and infrastructure security.
The data floor at 4D’s Gatwick Data Centre
Cloud I Colo I Connect I Cyber 4d-dc.com I 020 7183 0603